Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in the Identity Provider (IdP) 1.3.x before 1.3.4 and 2.x before 2.1.5, and the Service Provider 1.3.x before 1.3.5 and 2.x before 2.3, in Internet2 Middleware Initiative Shibboleth allow remote attackers to inject arbitrary web script or HTML via URLs that are encountered in redirections, and appear in automatically generated forms.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Internet2 Identity Provider多个跨站脚本漏洞
Vulnerability Description
Identity Provider(IdP)1.3.4版之前的1.3.x版和2.1.5版之前的2.x版以及Internet2 Middleware Initiative Shibboleth的Service Provider 1.3.5版之前的1.3.x版和2.3版之前的2.x版中的多个跨站脚本(XSS)漏洞允许远程攻击者借助在重定向中遇到的并在自动生成窗体中出现的URLs,注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A